[Spacewalk-list] clients can't register - ssl cert problem
Sander Grendelman
sander at grendelman.com
Tue May 24 15:14:33 UTC 2011
>
> When I do a rhn_register on a client I get told it's failed and I should look in the up2date log.
>
> The up2date log shows a large python backtrace
...
> 15.
> up2date_client.up2dateErrors.SSLCertificateVerifyFailedError: The SSL certificate /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT failed verification.
>
> if I look in /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT on the CLIENT machine the certificate is exactly the same as the one on the spacewalk machine
>
>
>
> [root at spacewalk01 auth]# ls -la /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> -rw-r--r-- 1 root root 5467 May 24 11:23 /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
>
> [root at vmbuild01 rhn]# ls -la RHN-ORG-TRUSTED-SSL-CERT
> -rw-r--r-- 1 root root 5467 May 24 11:29 RHN-ORG-TRUSTED-SSL-CERT
* Are the md5sums also the same?
* Where did you get this SSL cert from? Did you install the rpm from
your SW-server? (/var/www/html/pub/rhn-org-trusted-ssl-cert*noarch.rpm
?
>
> any suggestions as to what would cause this would be most welcome as I had a working spacewalk machine and I can't figure out what I've done to break this.
You've changed the hostname ;) NB: there's also a special script for
hostname changes:
[root at mir ~]# rpm -qf $(which spacewalk-hostname-rename)
spacewalk-utils-1.2.9-1.el5
[root at mir ~]#
Kind regards,
Sander.
More information about the Spacewalk-list
mailing list